Exploitdb Exploits
31,329 exploits tracked across all sources.
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
by Panagiotis Vagenas
Muviko - SQL Injection
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.
by Ahmad Mahfouz
CVSS 9.8
Joomla! - com_easydiscuss <4.0.21 - XSS
The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.
by Mattia Furlani
CVSS 5.4
Parity Browser - Origin Validation Error
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).
by tintinweb
CVSS 5.3
Multiple CPUs - Information Leak Using Speculative Execution
by Google Security Research
Microsoft Windows - Local XPS Print Spooler Sandbox Escape
by Google Security Research
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)
by hyp3rlinx
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
by NinTechNet
Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities
by GulfTech Security
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
by Vulnerability-Lab
Synology DSM <6.1.3-15152 - Info Disclosure
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
by Steve Kaun
CVSS 5.3
Google Android - Out-of-Bounds Write
In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-66954097.
by Google Security Research
CVSS 7.8
GPS Tracking Software 2.x - Info Disclosure
gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to obtain access by predicting this new password. This is related to the use of gmdate for password creation in fn_connect.php.
by Noman Riffat
CVSS 9.8
Windows - Privilege Escalation
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".
by Google Security Research
CVSS 7.0
GPS Tracking Software <3.0 - Code Injection
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a login request.
by Noman Riffat
CVSS 9.8
Gespage < 7.4.9 - SQL Injection
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
by Sysdream
CVSS 9.8
Oturia Smart Google Code Inserter < 3.5 - Authentication Bypass
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.
by Benjamin Lim
CVSS 9.8
Oturia Smart Google Code Inserter < 3.5 - SQL Injection
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.
by Benjamin Lim
CVSS 9.8
Opentext Document Sciences Xpression < 4.5 - SQL Injection
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
by Pawel Gocyla
CVSS 7.5
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
by GulfTech Security
PHP Melody <2.7.1 - SQL Injection
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
by Ahmad Mahfouz
CVSS 9.8
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
by LiquidWorm
CVSS 9.8
By Source